Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Linux)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with Sun Java JDK/JRE and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws occur due to, - Error when decoding 'DER' encoded data and parsing HTTP headers. - Error when verifying 'HMAC' digests. - Integer overflow error in the 'JPEG JFIF' Decoder while processing malicious image files. - A buffer overflow error in the 'setDiffICM()' and 'setBytePixels()' functions in the Abstract Window Toolkit (AWT). - Unspecified error due to improper parsing of color profiles of images. - A buffer overflow error due to improper implementation of the 'HsbParser.getSoundBank()' function. - Three unspecified errors when processing audio or image files.
Affected Software
Affected Software
Sun Java JDK/JRE 6 prior to 6 Update 17 Sun Java JDK/JRE 5 prior to 5 Update 22 Sun Java JDK/JRE 1.4.x prior to 1.4.2_24 Sun Java JDK/JRE 1.3.x prior to 1.3.1_27 on Linux.
Solution
Solution
Upgrade to JDK/JRE version 6 Update 17 or later, Upgrade to JDK/JRE version 5 Update 22 Upgrade to JDK/JRE version 1.4.2_24 Upgrade to JDK/JRE version 1.3.1_27